I have one Office computer plugged into DGS-1100-08P - OFFICE, and one other computer (serving as a POS) plugged into DGS-1100-08P - BAR

I need to segregate the two computers from any other traffic. Specifically the laptops and devices that connect via the two DAP-2660 APs.

I have enough networking experience to be dangerous, but have NEVER played with VLANS, and am in WAY over my head. I have searched here, but I haven't found anything that uses two DGS-1100-08P's in this setup, nor have I found anything about spanning a VLAN across multiple switches...

I think you can implement your scenario by using the "asymmetric VLAN" feature fortunately supported by your DGS switches. For a general discussion of the basics of "asymmetric VLANs" see e.g. here and the links embedded there.

In the following solution I assume (because you didnít tell it) that

at switch DGS-BAR port 1 is used to connect to port 4 of switch DGS-OFFICE,

at switch DGS-OFFICE port 1 is used to connect to the ARRIS.

If other ports are used, just swap the configuration of my assumed and your real ports.

The default configuration for both switches is the definition of a single VLAN 1 (which has no name) with any port being configured to be an untagged member of VLAN 1 and the PVID of any port set to 1 either. In effect this looks like no VLAN is defined at all.

For switch configuration use some Admin PC and connect it to a free switch port. The default configuration of any free switch port will not be changed in what follows.

Set port 4 to be an untagged member of VLAN 1 (=default) and a tagged member of both VLANs 2 and 3

Set port 8 to be an untagged member of both VLANs 1 and 3

In "PVID settings" set port 3 to PVID=2 and port 8 to PVID=3. Leave all other ports at their default setting (PVID=1)

On switch DGS-BAR

Set the port used to connect to switch DGS-OFFICE (1?) to be an untagged member of VLAN 1 (=default) and a tagged member of both VLANs 2 and 3

Set port 4 to be an untagged member of both VLANs 1 and 3

Set port 6 to be an untagged member of both VLANs 1 and 2

In "PVID settings" set port 6 to PVID=2 and port 4 to PVID=3. Leave all other ports at their default setting (PVID=1)

If finished, the two PCs can talk to each other and to the Internet but not to any wireless device. Vice versa, wireless devices can talk to each other and to the Internet but not to the two PCs.

What Iím not sure about: The challenge with your scenario is to extend the asymmetric VLAN feature over two switches. To this end, I configured the ports that connect to the other switch respectively, to be so called VLAN trunk ports (using VLAN 1 to be the native VLAN). Iím not sure, if you can configure VLAN trunks with switches, that have the asymmetric VLAN feature enabled, and thatís why this configuration might fail. But, give it a try!